diff --git a/include/asterisk/acl.h b/include/asterisk/acl.h
index 4abe9fb487ea86f780da01f728fcb02f53eb4204..def98c82c6fe7af979b3859a38395ca6e41f015c 100644
--- a/include/asterisk/acl.h
+++ b/include/asterisk/acl.h
@@ -430,6 +430,38 @@ struct ast_ha *ast_named_acl_find(const char *name, int *is_realtime, int *is_un
  */
 struct stasis_message_type *ast_named_acl_change_type(void);
 
+/*!
+ * \brief output an HA to the provided fd
+ *
+ * \details
+ * This function can be used centrally to output HAs as used in ACLs from other
+ * modules.  It follows the format as originally used for named ACLs in
+ * named_acl.c.
+ *
+ * \param fd The file-descriptor to which to output the HA.
+ * \param ha The HA to output.
+ * \param prefix If you need a specific prefix output on each line, give it here, may be NULL.
+ *
+ * \since 13.33.0, 16.10.0, 17.4.0
+ */
+void ast_ha_output(int fd, const struct ast_ha *ha, const char *prefix);
+
+/*!
+ * \brief output an ACL to the provided fd
+ *
+ * \details
+ * This function can be used centrally to output HAs as used in ACLs from other
+ * modules.  It follows the format as originally used for named ACLs in
+ * named_acl.c.
+ *
+ * \param fd The file-descriptor to which to output the ACL.
+ * \param acl The ACL to output.
+ * \param prefix If you need a specific prefix output on each line, give it here, may be NULL.
+ *
+ * \since 13.33.0, 16.10.0, 17.4.0
+ */
+void ast_acl_output(int fd, struct ast_acl_list *acl, const char *prefix);
+
 #if defined(__cplusplus) || defined(c_plusplus)
 }
 #endif
diff --git a/main/acl.c b/main/acl.c
index bca1e50614768287534e3755c69b2a75f1ffde1f..a560046574378071fd14fc52f9067fa06ade182f 100644
--- a/main/acl.c
+++ b/main/acl.c
@@ -48,6 +48,7 @@
 #include "asterisk/utils.h"
 #include "asterisk/lock.h"
 #include "asterisk/srv.h"
+#include "asterisk/cli.h"
 
 #if (!defined(SOLARIS) && !defined(HAVE_GETIFADDRS))
 static int get_local_address(struct ast_sockaddr *ourip)
@@ -1082,3 +1083,31 @@ int ast_find_ourip(struct ast_sockaddr *ourip, const struct ast_sockaddr *bindad
 	ast_sockaddr_set_port(ourip, port);
 	return res;
 }
+
+void ast_ha_output(int fd, const struct ast_ha *ha, const char *prefix)
+{
+	char addr[AST_SOCKADDR_BUFLEN];
+	char *mask;
+	int index = 0;
+	for (; ha; ha = ha->next, ++index) {
+		strcpy(addr, ast_sockaddr_stringify_addr(&ha->addr));
+		mask = ast_sockaddr_stringify_addr(&ha->netmask);
+		ast_cli(fd, "%s%3d: %s - %s/%s\n", prefix ?: "", index, ha->sense == AST_SENSE_ALLOW ? "allow" : " deny", addr, mask);
+	}
+}
+
+void ast_acl_output(int fd, struct ast_acl_list *acl_list, const char *prefix)
+{
+	struct ast_acl *acl;
+
+	AST_LIST_LOCK(acl_list);
+	AST_LIST_TRAVERSE(acl_list, acl, list) {
+		ast_cli(fd, "%sACL: %s%s\n---------------------------------------------\n",
+				prefix ?: "", ast_strlen_zero(acl->name) ? "(unnamed)" : acl->name,
+				acl->is_realtime ? " (realtime)" : "");
+
+		ast_ha_output(fd, acl->acl, prefix);
+	}
+	AST_LIST_UNLOCK(acl_list);
+
+}
diff --git a/main/manager.c b/main/manager.c
index 2d6897c5b3165a03eac083d1861a3c3954ab4306..e7a7f0f022ac9064a9fe544d50401d8b0203854b 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -2550,6 +2550,9 @@ static char *handle_showmanager(struct ast_cli_entry *e, int cmd, struct ast_cli
 		for (v = user->chanvars ; v ; v = v->next) {
 			ast_cli(a->fd, "                 %s = %s\n", v->name, v->value);
 		}
+	if (!ast_acl_list_is_empty(user->acl)) {
+		ast_acl_output(a->fd, user->acl, NULL);
+	}
 
 	AST_RWLIST_UNLOCK(&users);
 
diff --git a/main/named_acl.c b/main/named_acl.c
index 8e9da3a1d8618c266d98ab4a356e6d202808d146..f1c99a1a796ea424e2c030001f9c6837691407fc 100644
--- a/main/named_acl.c
+++ b/main/named_acl.c
@@ -411,8 +411,6 @@ publish_failure:
  */
 static void cli_display_named_acl(int fd, const char *name)
 {
-	struct ast_ha *ha;
-	int ha_index = 0;
 	int is_realtime = 0;
 
 	RAII_VAR(struct named_acl_config *, cfg, ao2_global_obj_ref(globals), ao2_cleanup);
@@ -437,12 +435,7 @@ static void cli_display_named_acl(int fd, const char *name)
 	}
 
 	ast_cli(fd, "\nACL: %s%s\n---------------------------------------------\n", name, is_realtime ? " (realtime)" : "");
-	for (ha = named_acl->ha; ha; ha = ha->next) {
-		char *addr = ast_strdupa(ast_sockaddr_stringify_addr(&ha->addr));
-		char *mask = ast_sockaddr_stringify_addr(&ha->netmask);
-		ast_cli(fd, "%3d: %s - %s/%s\n", ha_index, ha->sense == AST_SENSE_ALLOW ? "allow" : " deny", addr, mask);
-		ha_index++;
-	}
+	ast_ha_output(fd, named_acl->ha, NULL);
 }
 
 /*!